Closed github-learning-lab[bot] closed 2 years ago
ntoh*
macros5_macro_definitions.ql
ntohs
, ntohl
or ntohll
. Use the auto-completion in the Visual Studio Code extension to guide you:
from
to get a list of available classes in the CodeQL standard library for C/C++. Which class in this list represents macros? Create a variable with this class as its type.where
section, type <your_variable_name>
followed by a dot .
, and wait a moment to get the list of predicates available for a value in the variable's type. Hover over each predicate to see the inline documentation.or
keyword to combine multiple conditions where you want at least one condition to be met. Here we are interested in three possible macro names.or
you have 2 choices:
string::regexpMatch
in the built-in predicates for string. CodeQL uses the java.util.Pattern
regexp conventions.<your_variable_name>
to a list of choices <your_variable_name> in ["bar", "baz", "quux"]
Ooops! The query you submitted in f18a223b9fc011afd9558a3bacf3031e2e6c2b9d didn't find the right results. Please take a look at the comment and try again.
To submit a new iteration of your query, you just have to push a new commit to the same branch (main
or the PR branch).
Ooops! The query you submitted in 4ebe917a5a16ec72a292b2e5d9cdcff2c558307e didn't find the right results. Please take a look at the comment and try again.
To submit a new iteration of your query, you just have to push a new commit to the same branch (main
or the PR branch).
Congratulations, looks like the query you introduced in ea817b9c2cdb5c271a7e091302acd350a634b4ca finds the correct results!
If you created a pull request, merge it.
Let's continue to the next step.
Step 5: Using different classes and their predicates
We want to identify integer values that are supplied from network data. A good way to spot those is to look for use of network ordering conversion macros such as
ntohl
,ntohll
, andntohs
.In the
from
section of the query, you declare some variables, and state the types of those variables. The type tells us what the possible values are for the variable.In the previous query you were querying for values in the class
Function
to find functions in the source code. We have to query a different type to find macros in the source code instead. Can you guess its name?NOTE: These Network ordering conversion utilities can be macros or functions depending on the platform. In this course, we are looking at a Linux database, where they are macros.